Skip to main content
WebDev-Tools WebDev-Tools

JWT Decoder — Analyze & Decode JSON Web Tokens Online

Decode and analyze JSON Web Tokens (JWT) with our JWT Decoder. The tool automatically separates the token into its three parts (header, payload, signature) and displays the decoded content in formatted JSON. Recognizes common algorithms like HS256, RS256, ES256 and shows expiration information (exp, iat, nbf). Note: this tool only decodes tokens; signature verification requires the secret key. All operations are performed locally in your browser.

Features

  • Header Decoding: View algorithm (alg) and token type (typ)
  • Payload Extraction: Decode claims and user data
  • Expiry Checking: Automatically verify if token has expired
  • Syntax Highlighting: Color-coded JSON for better readability
  • Signature Display: Show Base64URL-encoded signature
  • Client-Side: All processing happens locally in your browser

JWT Structure

A JWT consists of three Base64URL-encoded parts separated by dots (.):

HEADER.PAYLOAD.SIGNATURE

Header

Contains token metadata:

  • alg: Algorithm (HS256, RS256...)
  • typ: Token type (JWT)

Payload

Contains the claims:

  • sub: Subject (user ID)
  • exp: Expiration time
  • iat: Issued at
  • Custom claims

Signature

Verifies token integrity:

  • HMAC or RSA signature
  • Requires secret key to verify
  • Prevents tampering

Useful Resources

Wikipedia: JSON Web Token Beginner-friendly introduction to JWT concepts and structure
JWT.io Official JWT website with debugger and library information
RFC 7519: JSON Web Token Official IETF specification for JWT
Auth0: Introduction to JSON Web Tokens Comprehensive guide to understanding and using JWTs
MDN: SubtleCrypto Web Crypto API for cryptographic operations in JavaScript